diff options
author | Daniel Baumann <daniel.baumann@progress-linux.org> | 2024-05-05 17:47:29 +0000 |
---|---|---|
committer | Daniel Baumann <daniel.baumann@progress-linux.org> | 2024-05-05 17:47:29 +0000 |
commit | 4f5791ebd03eaec1c7da0865a383175b05102712 (patch) | |
tree | 8ce7b00f7a76baa386372422adebbe64510812d4 /source3/rpc_server/fss | |
parent | Initial commit. (diff) | |
download | samba-upstream.tar.xz samba-upstream.zip |
Adding upstream version 2:4.17.12+dfsg.upstream/2%4.17.12+dfsgupstream
Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
Diffstat (limited to 'source3/rpc_server/fss')
-rw-r--r-- | source3/rpc_server/fss/srv_fss_agent.c | 1776 | ||||
-rw-r--r-- | source3/rpc_server/fss/srv_fss_private.h | 92 | ||||
-rw-r--r-- | source3/rpc_server/fss/srv_fss_state.c | 698 |
3 files changed, 2566 insertions, 0 deletions
diff --git a/source3/rpc_server/fss/srv_fss_agent.c b/source3/rpc_server/fss/srv_fss_agent.c new file mode 100644 index 0000000..4de600f --- /dev/null +++ b/source3/rpc_server/fss/srv_fss_agent.c @@ -0,0 +1,1776 @@ +/* + * File Server Remote VSS Protocol (FSRVP) server + * + * Copyright (C) David Disseldorp 2012-2015 + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 3 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program. If not, see <http://www.gnu.org/licenses/>. + */ + +#include "includes.h" +#include "ntdomain.h" +#include "include/messages.h" +#include "serverid.h" +#include "include/auth.h" +#include "../libcli/security/security.h" +#include "../libcli/util/hresult.h" +#include "../lib/smbconf/smbconf.h" +#include "smbd/proto.h" +#include "lib/smbconf/smbconf_init.h" +#include "librpc/rpc/dcesrv_core.h" +#include "librpc/gen_ndr/ndr_fsrvp_scompat.h" +#include "librpc/gen_ndr/ndr_fsrvp.h" +#include "rpc_server/rpc_server.h" +#include "srv_fss_private.h" +#include "lib/global_contexts.h" + +#undef DBGC_CLASS +#define DBGC_CLASS DBGC_RPC_SRV + +static struct fss_global fss_global; + +/* errmap NTSTATUS->fsrvp */ +static const struct { + NTSTATUS status; + uint32_t fsrvp_err; +} ntstatus_to_fsrvp_map[] = { + {NT_STATUS_INVALID_SERVER_STATE, FSRVP_E_BAD_STATE}, + {NT_STATUS_INVALID_DISPOSITION, FSRVP_E_SHADOW_COPY_SET_IN_PROGRESS}, + {NT_STATUS_NOT_SUPPORTED, FSRVP_E_NOT_SUPPORTED}, + {NT_STATUS_IO_TIMEOUT, FSRVP_E_WAIT_TIMEOUT}, + {NT_STATUS_CANT_WAIT, FSRVP_E_WAIT_FAILED}, + {NT_STATUS_OBJECTID_EXISTS, FSRVP_E_OBJECT_ALREADY_EXISTS}, + {NT_STATUS_OBJECTID_NOT_FOUND, FSRVP_E_OBJECT_NOT_FOUND}, + {NT_STATUS_OBJECT_NAME_INVALID, FSRVP_E_BAD_ID}, +}; + +/* errmap NTSTATUS->hresult */ +static const struct { + NTSTATUS status; + HRESULT hres; +} ntstatus_to_hres_map[] = { + {NT_STATUS_ACCESS_DENIED, HRES_E_ACCESSDENIED}, + {NT_STATUS_INVALID_PARAMETER, HRES_E_INVALIDARG}, + {NT_STATUS_NO_MEMORY, HRES_E_OUTOFMEMORY}, +}; + +static uint32_t fss_ntstatus_map(NTSTATUS status) +{ + size_t i; + + if (NT_STATUS_IS_OK(status)) + return 0; + + /* check fsrvp specific errors first */ + for (i = 0; i < ARRAY_SIZE(ntstatus_to_fsrvp_map); i++) { + if (NT_STATUS_EQUAL(status, ntstatus_to_fsrvp_map[i].status)) { + return ntstatus_to_fsrvp_map[i].fsrvp_err; + } + } + /* fall-back to generic hresult values */ + for (i = 0; i < ARRAY_SIZE(ntstatus_to_hres_map); i++) { + if (NT_STATUS_EQUAL(status, ntstatus_to_hres_map[i].status)) { + return HRES_ERROR_V(ntstatus_to_hres_map[i].hres); + } + } + + return HRES_ERROR_V(HRES_E_FAIL); +} + +static NTSTATUS fss_unc_parse(TALLOC_CTX *mem_ctx, + const char *unc, + char **_server, + char **_share) +{ + char *s; + char *server; + char *share; + + if (unc == NULL) { + return NT_STATUS_INVALID_PARAMETER; + } + + s = strstr_m(unc, "\\\\"); + if (s == NULL) { + return NT_STATUS_INVALID_PARAMETER; + } + + server = talloc_strdup(mem_ctx, s + 2); + if (server == NULL) { + return NT_STATUS_NO_MEMORY; + } + s = strchr_m(server, '\\'); + if ((s == NULL) || (s == server)) { + return NT_STATUS_INVALID_PARAMETER; + } + *s = '\0'; + share = s + 1; + + s = strchr_m(share, '\\'); + if (s != NULL) { + /* diskshadow.exe adds a trailing '\' to the share-name */ + *s = '\0'; + } + if (strlen(share) == 0) { + return NT_STATUS_INVALID_PARAMETER; + } + + if (_server != NULL) { + *_server = server; + } + if (_share != NULL) { + *_share = share; + } + + return NT_STATUS_OK; +} + +static NTSTATUS fss_conn_create_tos(struct messaging_context *msg_ctx, + struct auth_session_info *session_info, + int snum, + struct connection_struct **conn_out); + +/* test if system path exists */ +static bool snap_path_exists(TALLOC_CTX *ctx, struct messaging_context *msg_ctx, + struct fss_sc *sc) +{ + TALLOC_CTX *frame = talloc_stackframe(); + SMB_STRUCT_STAT st; + struct connection_struct *conn = NULL; + struct smb_filename *smb_fname = NULL; + char *service = NULL; + char *share; + int snum; + int ret; + NTSTATUS status; + bool result = false; + + ZERO_STRUCT(st); + + if ((sc->smaps_count == 0) || (sc->sc_path == NULL)) { + goto out; + } + + share = sc->smaps->share_name; + snum = find_service(frame, share, &service); + + if ((snum == -1) || (service == NULL)) { + goto out; + } + + status = fss_conn_create_tos(msg_ctx, NULL, snum, &conn); + if(!NT_STATUS_IS_OK(status)) { + goto out; + } + + smb_fname = synthetic_smb_fname(service, + sc->sc_path, + NULL, + NULL, + 0, + 0); + if (smb_fname == NULL) { + goto out; + } + + ret = SMB_VFS_STAT(conn, smb_fname); + if ((ret == -1) && (errno == ENOENT)) { + goto out; + } + result = true; +out: + TALLOC_FREE(frame); + return result; +} + +static NTSTATUS sc_smap_unexpose(struct messaging_context *msg_ctx, + struct fss_sc_smap *sc_smap, bool delete_all); + +static NTSTATUS fss_prune_stale(struct messaging_context *msg_ctx, + const char *db_path) +{ + struct fss_sc_set *sc_sets; + uint32_t sc_sets_count = 0; + struct fss_sc_set *sc_set; + struct fss_sc_smap *prunable_sc_smaps = NULL; + bool is_modified = false; + NTSTATUS status = NT_STATUS_UNSUCCESSFUL; + TALLOC_CTX *ctx = talloc_new(NULL); + + if (!ctx) { + return NT_STATUS_NO_MEMORY; + } + + /* work with temporary state for simple cleanup on failure */ + become_root(); + status = fss_state_retrieve(ctx, &sc_sets, &sc_sets_count, db_path); + unbecome_root(); + if (!NT_STATUS_IS_OK(status)) { + DEBUG(1, ("failed to retrieve fss server state: %s\n", + nt_errstr(status))); + goto out; + } + + /* walk the cache and pick up any entries to be deleted */ + sc_set = sc_sets; + DEBUG(10, ("pruning shared shadow copies\n")); + while (sc_set) { + struct fss_sc *sc; + struct fss_sc_set *sc_set_next = sc_set->next; + char *set_id = GUID_string(ctx, &sc_set->id); + if (set_id == NULL) { + status = NT_STATUS_NO_MEMORY; + goto out; + } + DEBUGADD(10, ("\tprocessing shadow set id %s\n", set_id)); + sc = sc_set->scs; + while (sc) { + struct fss_sc_smap *sc_smap; + struct fss_sc *sc_next = sc->next; + DEBUGADD(10, ("\tprocessing shadow copy path %s\n", + sc->sc_path)); + if (snap_path_exists(ctx, msg_ctx, sc)) { + sc = sc_next; + continue; + } + + /* move missing snapshot state to purge list */ + sc_smap = sc->smaps; + while (sc_smap != NULL) { + struct fss_sc_smap *smap_next = sc_smap->next; + DLIST_REMOVE(sc->smaps, sc_smap); + DLIST_ADD_END(prunable_sc_smaps, sc_smap); + sc->smaps_count--; + sc_smap = smap_next; + } + + DLIST_REMOVE(sc_set->scs, sc); + sc_set->scs_count--; + is_modified = true; + sc = sc_next; + } + if (sc_set->scs_count == 0) { + DLIST_REMOVE(sc_sets, sc_set); + sc_sets_count--; + } + sc_set = sc_set_next; + } + + if (is_modified) { + /* unexpose all shares in a single transaction */ + status = sc_smap_unexpose(msg_ctx, prunable_sc_smaps, true); + if (!NT_STATUS_IS_OK(status)) { + /* exit without storing updated state */ + goto out; + } + + become_root(); + status = fss_state_store(ctx, sc_sets, sc_sets_count, db_path); + unbecome_root(); + if (!NT_STATUS_IS_OK(status)) { + DEBUG(1, ("pruning failed to store fss server state: %s\n", + nt_errstr(status))); + goto out; + } + } + status = NT_STATUS_OK; +out: + TALLOC_FREE(ctx); + return status; +} + +static NTSTATUS fss_conn_create_tos(struct messaging_context *msg_ctx, + struct auth_session_info *session_info, + int snum, + struct connection_struct **conn_out) +{ + const struct loadparm_substitution *lp_sub = + loadparm_s3_global_substitution(); + struct conn_struct_tos *c = NULL; + NTSTATUS status; + + status = create_conn_struct_tos(msg_ctx, + snum, + lp_path(talloc_tos(), lp_sub, snum), + session_info, + &c); + if (!NT_STATUS_IS_OK(status)) { + DEBUG(0,("failed to create conn for vfs: %s\n", + nt_errstr(status))); + return status; + } + + status = set_conn_force_user_group(c->conn, snum); + if (!NT_STATUS_IS_OK(status)) { + DEBUG(0, ("failed set force user / group\n")); + TALLOC_FREE(c); + return status; + } + + *conn_out = c->conn; + return NT_STATUS_OK; +} + +static struct fss_sc_set *sc_set_lookup(struct fss_sc_set *sc_set_head, + struct GUID *sc_set_id) +{ + + struct fss_sc_set *sc_set; + char *guid_str; + + for (sc_set = sc_set_head; sc_set; sc_set = sc_set->next) { + if (GUID_equal(&sc_set->id, sc_set_id)) { + return sc_set; + } + } + guid_str = GUID_string(sc_set_head, sc_set_id); + DEBUG(4, ("shadow copy set with GUID %s not found\n", + guid_str ? guid_str : "NO MEM")); + talloc_free(guid_str); + + return NULL; +} + +static struct fss_sc *sc_lookup(struct fss_sc *sc_head, struct GUID *sc_id) +{ + + struct fss_sc *sc; + char *guid_str; + + for (sc = sc_head; sc; sc = sc->next) { + if (GUID_equal(&sc->id, sc_id)) { + return sc; + } + } + guid_str = GUID_string(sc_head, sc_id); + DEBUG(4, ("shadow copy with GUID %s not found\n", + guid_str ? guid_str : "NO MEM")); + talloc_free(guid_str); + + return NULL; +} + +static struct fss_sc *sc_lookup_volname(struct fss_sc *sc_head, + const char *volname) +{ + struct fss_sc *sc; + + for (sc = sc_head; sc; sc = sc->next) { + if (!strcmp(sc->volume_name, volname)) { + return sc; + } + } + DEBUG(4, ("shadow copy with base volume %s not found\n", volname)); + return NULL; +} + +/* lookup is case-insensitive */ +static struct fss_sc_smap *sc_smap_lookup(struct fss_sc_smap *smaps_head, + const char *share) +{ + struct fss_sc_smap *sc_smap; + for (sc_smap = smaps_head; sc_smap; sc_smap = sc_smap->next) { + if (!strcasecmp_m(sc_smap->share_name, share)) { + return sc_smap; + } + } + DEBUG(4, ("shadow copy share mapping for %s not found\n", share)); + return NULL; +} + +static void srv_fssa_cleanup(void) +{ + talloc_free(fss_global.db_path); + talloc_free(fss_global.mem_ctx); + ZERO_STRUCT(fss_global); +} + +static NTSTATUS srv_fssa_start(struct messaging_context *msg_ctx) +{ + NTSTATUS status; + fss_global.mem_ctx = talloc_named_const(NULL, 0, + "parent fss rpc server ctx"); + if (fss_global.mem_ctx == NULL) { + return NT_STATUS_NO_MEMORY; + } + + fss_global.db_path = lock_path(talloc_tos(), FSS_DB_NAME); + if (fss_global.db_path == NULL) { + talloc_free(fss_global.mem_ctx); + return NT_STATUS_NO_MEMORY; + } + + fss_global.min_vers = FSRVP_RPC_VERSION_1; + fss_global.max_vers = FSRVP_RPC_VERSION_1; + /* + * The server MUST populate the GlobalShadowCopySetTable with the + * ShadowCopySet entries read from the configuration store. + */ + if (lp_parm_bool(GLOBAL_SECTION_SNUM, "fss", "prune stale", false)) { + fss_prune_stale(msg_ctx, fss_global.db_path); + } + become_root(); + status = fss_state_retrieve(fss_global.mem_ctx, &fss_global.sc_sets, + &fss_global.sc_sets_count, + fss_global.db_path); + unbecome_root(); + if (!NT_STATUS_IS_OK(status)) { + DEBUG(1, ("failed to retrieve fss server state: %s\n", + nt_errstr(status))); + } + return NT_STATUS_OK; +} + +/* + * Determine whether to process an FSRVP operation from connected user @p. + * Windows checks for Administrators or Backup Operators group membership. We + * also allow for the SEC_PRIV_BACKUP privilege. + */ +static bool fss_permitted(struct pipes_struct *p) +{ + struct dcesrv_call_state *dce_call = p->dce_call; + struct auth_session_info *session_info = + dcesrv_call_session_info(dce_call); + + if (session_info->unix_token->uid == sec_initial_uid()) { + DEBUG(6, ("Granting FSRVP op, user started smbd\n")); + return true; + } + + if (nt_token_check_sid(&global_sid_Builtin_Administrators, + session_info->security_token)) { + DEBUG(6, ("Granting FSRVP op, administrators group member\n")); + return true; + } + if (nt_token_check_sid(&global_sid_Builtin_Backup_Operators, + session_info->security_token)) { + DEBUG(6, ("Granting FSRVP op, backup operators group member\n")); + return true; + } + if (security_token_has_privilege(session_info->security_token, + SEC_PRIV_BACKUP)) { + DEBUG(6, ("Granting FSRVP op, backup privilege present\n")); + return true; + } + + DEBUG(2, ("FSRVP operation blocked due to lack of backup privilege " + "or Administrators/Backup Operators group membership\n")); + + return false; +} + +static void fss_seq_tout_handler(struct tevent_context *ev, + struct tevent_timer *te, + struct timeval t, + void *private_data) +{ + struct GUID *sc_set_id = NULL; + struct fss_sc_set *sc_set; + + /* + * MS-FSRVP: 3.1.5 Timer Events + * Message Sequence Timer elapses: When the Message Sequence Timer + * elapses, the server MUST delete the ShadowCopySet in the + * GlobalShadowCopySetTable where ShadowCopySet.Status is not equal to + * "Recovered", ContextSet MUST be set to FALSE, and the ShadowCopySet + * object MUST be freed. + */ + DEBUG(2, ("FSRVP msg seq timeout fired\n")); + + if (private_data == NULL) { + DEBUG(4, ("timeout without sc_set\n")); + goto out_init_ctx; + } + + sc_set_id = talloc_get_type_abort(private_data, struct GUID); + sc_set = sc_set_lookup(fss_global.sc_sets, sc_set_id); + if (sc_set == NULL) { + DEBUG(0, ("timeout for unknown sc_set\n")); + goto out_init_ctx; + } else if ((sc_set->state == FSS_SC_EXPOSED) + || (sc_set->state == FSS_SC_RECOVERED)) { + DEBUG(2, ("timeout for finished sc_set %s\n", sc_set->id_str)); + goto out_init_ctx; + } + DEBUG(2, ("cleaning up sc_set %s\n", sc_set->id_str)); + SMB_ASSERT(fss_global.sc_sets_count > 0); + DLIST_REMOVE(fss_global.sc_sets, sc_set); + fss_global.sc_sets_count--; + talloc_free(sc_set); + +out_init_ctx: + fss_global.ctx_set = false; + fss_global.seq_tmr = NULL; + talloc_free(sc_set_id); +} + +static void fss_seq_tout_set(TALLOC_CTX *mem_ctx, + uint32_t timeout_s, + struct fss_sc_set *sc_set, + struct tevent_timer **tmr_out) +{ + struct tevent_timer *tmr; + struct GUID *sc_set_id = NULL; + uint32_t tout; + + /* allow changes to timeout for testing/debugging purposes */ + tout = lp_parm_int(GLOBAL_SECTION_SNUM, "fss", + "sequence timeout", timeout_s); + if (tout == 0) { + DEBUG(2, ("FSRVP message sequence timeout disabled\n")); + *tmr_out = NULL; + return; + } + + if (sc_set) { + /* don't use talloc_memdup(), need explicit type for callback */ + sc_set_id = talloc(mem_ctx, struct GUID); + if (sc_set_id == NULL) { + smb_panic("no memory"); + } + memcpy(sc_set_id, &sc_set->id, sizeof(*sc_set_id)); + } + + tmr = tevent_add_timer(global_event_context(), + mem_ctx, + timeval_current_ofs(tout, 0), + fss_seq_tout_handler, sc_set_id); + if (tmr == NULL) { + talloc_free(sc_set_id); + smb_panic("no memory"); + } + + *tmr_out = tmr; +} + +uint32_t _fss_GetSupportedVersion(struct pipes_struct *p, + struct fss_GetSupportedVersion *r) +{ + if (!fss_permitted(p)) { + return HRES_ERROR_V(HRES_E_ACCESSDENIED); + } + + *r->out.MinVersion = fss_global.min_vers; + *r->out.MaxVersion = fss_global.max_vers; + + return 0; +} + +uint32_t _fss_SetContext(struct pipes_struct *p, + struct fss_SetContext *r) +{ + if (!fss_permitted(p)) { + return HRES_ERROR_V(HRES_E_ACCESSDENIED); + } + + /* ATTR_AUTO_RECOVERY flag can be applied to any */ + switch (r->in.Context & (~ATTR_AUTO_RECOVERY)) { + case FSRVP_CTX_BACKUP: + DEBUG(6, ("fss ctx set backup\n")); + break; + case FSRVP_CTX_FILE_SHARE_BACKUP: + DEBUG(6, ("fss ctx set file share backup\n")); + break; + case FSRVP_CTX_NAS_ROLLBACK: + DEBUG(6, ("fss ctx set nas rollback\n")); + break; + case FSRVP_CTX_APP_ROLLBACK: + DEBUG(6, ("fss ctx set app rollback\n")); + break; + default: + DEBUG(0, ("invalid fss ctx set value: 0x%x\n", r->in.Context)); + return HRES_ERROR_V(HRES_E_INVALIDARG); + break; /* not reached */ + } + + fss_global.ctx_set = true; + fss_global.cur_ctx = r->in.Context; + + TALLOC_FREE(fss_global.seq_tmr); /* kill timer if running */ + fss_seq_tout_set(fss_global.mem_ctx, 180, NULL, &fss_global.seq_tmr); + + fss_global.cur_ctx = r->in.Context; + + return 0; +} + +static bool sc_set_active(struct fss_sc_set *sc_set_head) +{ + + struct fss_sc_set *sc_set; + + for (sc_set = sc_set_head; sc_set; sc_set = sc_set->next) { + if ((sc_set->state != FSS_SC_EXPOSED) + && (sc_set->state != FSS_SC_RECOVERED)) { + return true; + } + } + + return false; +} + +uint32_t _fss_StartShadowCopySet(struct pipes_struct *p, + struct fss_StartShadowCopySet *r) +{ + struct fss_sc_set *sc_set; + uint32_t ret; + + if (!fss_permitted(p)) { + ret = HRES_ERROR_V(HRES_E_ACCESSDENIED); + goto err_out; + } + + if (!fss_global.ctx_set) { + DEBUG(3, ("invalid sequence: start sc set requested without " + "prior context set\n")); + ret = FSRVP_E_BAD_STATE; + goto err_out; + } + + /* + * At any given time, Windows servers allow only one shadow copy set to + * be going through the creation process. + */ + if (sc_set_active(fss_global.sc_sets)) { + DEBUG(3, ("StartShadowCopySet called while in progress\n")); + ret = FSRVP_E_SHADOW_COPY_SET_IN_PROGRESS; + goto err_out; + } + + /* stop msg seq timer */ + TALLOC_FREE(fss_global.seq_tmr); + + sc_set = talloc_zero(fss_global.mem_ctx, struct fss_sc_set); + if (sc_set == NULL) { + ret = HRES_ERROR_V(HRES_E_OUTOFMEMORY); + goto err_tmr_restart; + } + + sc_set->id = GUID_random(); /* Windows servers ignore client ids */ + sc_set->id_str = GUID_string(sc_set, &sc_set->id); + if (sc_set->id_str == NULL) { + ret = HRES_ERROR_V(HRES_E_OUTOFMEMORY); + goto err_sc_set_free; + } + sc_set->state = FSS_SC_STARTED; + sc_set->context = fss_global.cur_ctx; + DLIST_ADD_END(fss_global.sc_sets, sc_set); + fss_global.sc_sets_count++; + DEBUG(6, ("%s: shadow-copy set %u added\n", + sc_set->id_str, fss_global.sc_sets_count)); + + /* start msg seq timer */ + fss_seq_tout_set(fss_global.mem_ctx, 180, sc_set, &fss_global.seq_tmr); + + r->out.pShadowCopySetId = &sc_set->id; + + return 0; + +err_sc_set_free: + talloc_free(sc_set); +err_tmr_restart: + fss_seq_tout_set(fss_global.mem_ctx, 180, NULL, &fss_global.seq_tmr); +err_out: + return ret; +} + +static uint32_t map_share_name(struct fss_sc_smap *sc_smap, + const struct fss_sc *sc) +{ + bool hidden_base = false; + + if (*(sc_smap->share_name + strlen(sc_smap->share_name) - 1) == '$') { + /* + * If MappedShare.ShareName ends with a $ character (meaning + * that the share is hidden), then the exposed share name will + * have the $ suffix appended. + * FIXME: turns out Windows doesn't do this, contrary to docs + */ + hidden_base = true; + } + + sc_smap->sc_share_name = talloc_asprintf(sc_smap, "%s@{%s}%s", + sc_smap->share_name, + sc->id_str, + hidden_base ? "$" : ""); + if (sc_smap->sc_share_name == NULL) { + return HRES_ERROR_V(HRES_E_OUTOFMEMORY); + } + + return 0; +} + +static uint32_t map_share_comment(struct fss_sc_smap *sc_smap, + const struct fss_sc *sc) +{ + char *time_str; + + time_str = http_timestring(sc_smap, sc->create_ts); + if (time_str == NULL) { + return HRES_ERROR_V(HRES_E_OUTOFMEMORY); + } + + sc_smap->sc_share_comment = talloc_asprintf(sc_smap, "Shadow copy of %s taken %s", + sc_smap->share_name, time_str); + if (sc_smap->sc_share_comment == NULL) { + return HRES_ERROR_V(HRES_E_OUTOFMEMORY); + } + + return 0; +} + +uint32_t _fss_AddToShadowCopySet(struct pipes_struct *p, + struct fss_AddToShadowCopySet *r) +{ + struct dcesrv_call_state *dce_call = p->dce_call; + struct auth_session_info *session_info = + dcesrv_call_session_info(dce_call); + uint32_t ret; + struct fss_sc_set *sc_set; + struct fss_sc *sc; + struct fss_sc_smap *sc_smap; + int snum; + char *service; + char *base_vol; + char *share; + char *path_name; + struct connection_struct *conn; + NTSTATUS status; + TALLOC_CTX *frame = talloc_stackframe(); + const struct loadparm_substitution *lp_sub = + loadparm_s3_global_substitution(); + + if (!fss_permitted(p)) { + ret = HRES_ERROR_V(HRES_E_ACCESSDENIED); + goto err_tmp_free; + } + + sc_set = sc_set_lookup(fss_global.sc_sets, &r->in.ShadowCopySetId); + if (sc_set == NULL) { + ret = HRES_ERROR_V(HRES_E_INVALIDARG); + goto err_tmp_free; + } + + status = fss_unc_parse(frame, r->in.ShareName, NULL, &share); + if (!NT_STATUS_IS_OK(status)) { + ret = fss_ntstatus_map(status); + goto err_tmp_free; + } + + snum = find_service(frame, share, &service); + if ((snum == -1) || (service == NULL)) { + DEBUG(0, ("share at %s not found\n", r->in.ShareName)); + ret = HRES_ERROR_V(HRES_E_INVALIDARG); + goto err_tmp_free; + } + + path_name = lp_path(frame, lp_sub, snum); + if (path_name == NULL) { + ret = HRES_ERROR_V(HRES_E_OUTOFMEMORY); + goto err_tmp_free; + } + + status = fss_conn_create_tos(p->msg_ctx, session_info, snum, &conn); + if (!NT_STATUS_IS_OK(status)) { + ret = HRES_ERROR_V(HRES_E_ACCESSDENIED); + goto err_tmp_free; + } + if (!become_user_without_service_by_session(conn, session_info)) { + DEBUG(0, ("failed to become user\n")); + ret = HRES_ERROR_V(HRES_E_ACCESSDENIED); + goto err_tmp_free; + } + + status = SMB_VFS_SNAP_CHECK_PATH(conn, frame, path_name, &base_vol); + unbecome_user_without_service(); + if (!NT_STATUS_IS_OK(status)) { + ret = FSRVP_E_NOT_SUPPORTED; + goto err_tmp_free; + } + + if ((sc_set->state != FSS_SC_STARTED) + && (sc_set->state != FSS_SC_ADDED)) { + ret = FSRVP_E_BAD_STATE; + goto err_tmp_free; + } + + /* stop msg seq timer */ + TALLOC_FREE(fss_global.seq_tmr); + + /* + * server MUST look up the ShadowCopy in ShadowCopySet.ShadowCopyList + * where ShadowCopy.VolumeName matches the file store on which the + * share identified by ShareName is hosted. If an entry is found, the + * server MUST fail the call with FSRVP_E_OBJECT_ALREADY_EXISTS. + * If no entry is found, the server MUST create a new ShadowCopy + * object + * XXX Windows appears to allow multiple mappings for the same vol! + */ + sc = sc_lookup_volname(sc_set->scs, base_vol); + if (sc != NULL) { + ret = FSRVP_E_OBJECT_ALREADY_EXISTS; + goto err_tmr_restart; + } + + sc = talloc_zero(sc_set, struct fss_sc); + if (sc == NULL) { + ret = HRES_ERROR_V(HRES_E_OUTOFMEMORY); + goto err_tmr_restart; + } + talloc_steal(sc, base_vol); + sc->volume_name = base_vol; + sc->sc_set = sc_set; + sc->create_ts = time(NULL); + + sc->id = GUID_random(); /* Windows servers ignore client ids */ + sc->id_str = GUID_string(sc, &sc->id); + if (sc->id_str == NULL) { + ret = HRES_ERROR_V(HRES_E_OUTOFMEMORY); + goto err_sc_free; + } + + sc_smap = talloc_zero(sc, struct fss_sc_smap); + if (sc_smap == NULL) { + ret = HRES_ERROR_V(HRES_E_OUTOFMEMORY); + goto err_sc_free; + } + + talloc_steal(sc_smap, service); + sc_smap->share_name = service; + sc_smap->is_exposed = false; + /* + * generate the sc_smap share name now. It is a unique identifier for + * the smap used as a tdb key for state storage. + */ + ret = map_share_name(sc_smap, sc); + if (ret) { + goto err_sc_free; + } + + /* add share map to shadow-copy */ + DLIST_ADD_END(sc->smaps, sc_smap); + sc->smaps_count++; + /* add shadow-copy to shadow-copy set */ + DLIST_ADD_END(sc_set->scs, sc); + sc_set->scs_count++; + DEBUG(4, ("added volume %s to shadow copy set with GUID %s\n", + sc->volume_name, sc_set->id_str)); + + /* start the Message Sequence Timer with timeout of 1800 seconds */ + fss_seq_tout_set(fss_global.mem_ctx, 1800, sc_set, &fss_global.seq_tmr); + + sc_set->state = FSS_SC_ADDED; + r->out.pShadowCopyId = &sc->id; + + TALLOC_FREE(frame); + return 0; + +err_sc_free: + talloc_free(sc); +err_tmr_restart: + fss_seq_tout_set(fss_global.mem_ctx, 180, sc_set, &fss_global.seq_tmr); +err_tmp_free: + TALLOC_FREE(frame); + return ret; +} + +static NTSTATUS commit_sc_with_conn(TALLOC_CTX *mem_ctx, + struct tevent_context *ev, + struct messaging_context *msg_ctx, + struct auth_session_info *session_info, + struct fss_sc *sc, + char **base_path, + char **snap_path) +{ + TALLOC_CTX *frame = talloc_stackframe(); + NTSTATUS status; + bool rw; + struct connection_struct *conn; + int snum; + char *service; + + snum = find_service(frame, sc->smaps->share_name, &service); + if ((snum == -1) || (service == NULL)) { + DEBUG(0, ("share at %s not found\n", sc->smaps->share_name)); + TALLOC_FREE(frame); + return NT_STATUS_UNSUCCESSFUL; + } + + status = fss_conn_create_tos(msg_ctx, session_info, snum, &conn); + if (!NT_STATUS_IS_OK(status)) { + TALLOC_FREE(frame); + return status; + } + + if (!become_user_without_service_by_session(conn, session_info)) { + DEBUG(0, ("failed to become user\n")); + TALLOC_FREE(frame); + return NT_STATUS_ACCESS_DENIED; + } + rw = ((sc->sc_set->context & ATTR_AUTO_RECOVERY) == ATTR_AUTO_RECOVERY); + status = SMB_VFS_SNAP_CREATE(conn, mem_ctx, + sc->volume_name, + &sc->create_ts, rw, + base_path, snap_path); + unbecome_user_without_service(); + if (!NT_STATUS_IS_OK(status)) { + DEBUG(0, ("snap create failed: %s\n", nt_errstr(status))); + TALLOC_FREE(frame); + return status; + } + + TALLOC_FREE(frame); + return status; +} + +uint32_t _fss_CommitShadowCopySet(struct pipes_struct *p, + struct fss_CommitShadowCopySet *r) +{ + struct dcesrv_call_state *dce_call = p->dce_call; + struct auth_session_info *session_info = + dcesrv_call_session_info(dce_call); + struct fss_sc_set *sc_set; + struct fss_sc *sc; + uint32_t commit_count; + NTSTATUS status; + NTSTATUS saved_status; + TALLOC_CTX *frame = talloc_stackframe(); + + if (!fss_permitted(p)) { + status = NT_STATUS_ACCESS_DENIED; + goto err_tmp_free; + } + + sc_set = sc_set_lookup(fss_global.sc_sets, &r->in.ShadowCopySetId); + if (sc_set == NULL) { + status = NT_STATUS_INVALID_PARAMETER; + goto err_tmp_free; + } + + if (sc_set->state != FSS_SC_ADDED) { + status = NT_STATUS_INVALID_SERVER_STATE; + goto err_tmp_free; + } + + /* stop Message Sequence Timer */ + TALLOC_FREE(fss_global.seq_tmr); + sc_set->state = FSS_SC_CREATING; + commit_count = 0; + saved_status = NT_STATUS_OK; + for (sc = sc_set->scs; sc; sc = sc->next) { + char *base_path; + char *snap_path; + status = commit_sc_with_conn(frame, global_event_context(), + p->msg_ctx, session_info, sc, + &base_path, &snap_path); + if (!NT_STATUS_IS_OK(status)) { + DEBUG(0, ("snap create failed for shadow copy of " + "%s\n", sc->volume_name)); + /* dispatch all scs in set, but retain last error */ + saved_status = status; + continue; + } + /* XXX set timeout r->in.TimeOutInMilliseconds */ + commit_count++; + DEBUG(10, ("good snap create %d\n", + commit_count)); + sc->sc_path = talloc_steal(sc, snap_path); + } + if (!NT_STATUS_IS_OK(saved_status)) { + status = saved_status; + goto err_state_revert; + } + + sc_set->state = FSS_SC_COMMITED; + become_root(); + status = fss_state_store(fss_global.mem_ctx, fss_global.sc_sets, + fss_global.sc_sets_count, + fss_global.db_path); + unbecome_root(); + if (!NT_STATUS_IS_OK(status)) { + DEBUG(1, ("failed to store fss server state: %s\n", + nt_errstr(status))); + } + + fss_seq_tout_set(fss_global.mem_ctx, 180, sc_set, + &fss_global.seq_tmr); + TALLOC_FREE(frame); + return 0; + +err_state_revert: + sc_set->state = FSS_SC_ADDED; + fss_seq_tout_set(fss_global.mem_ctx, 180, sc_set, + &fss_global.seq_tmr); +err_tmp_free: + TALLOC_FREE(frame); + return fss_ntstatus_map(status); +} + +static sbcErr fss_conf_get_share_def(struct smbconf_ctx *fconf_ctx, + struct smbconf_ctx *rconf_ctx, + TALLOC_CTX *mem_ctx, + char *share, + struct smbconf_service **service_def) +{ + sbcErr cerr; + struct smbconf_service *def; + + *service_def = NULL; + cerr = smbconf_get_share(fconf_ctx, mem_ctx, share, &def); + if (SBC_ERROR_IS_OK(cerr)) { + *service_def = def; + return SBC_ERR_OK; + } + + cerr = smbconf_get_share(rconf_ctx, mem_ctx, share, &def); + if (SBC_ERROR_IS_OK(cerr)) { + *service_def = def; + return SBC_ERR_OK; + } + return cerr; +} + +/* + * Expose a new share using libsmbconf, cloning the existing configuration + * from the base share. The base share may be defined in either the registry + * or smb.conf. + * XXX this is called as root + */ +static uint32_t fss_sc_expose(struct smbconf_ctx *fconf_ctx, + struct smbconf_ctx *rconf_ctx, + TALLOC_CTX *mem_ctx, + struct fss_sc *sc) +{ + struct fss_sc_smap *sc_smap; + uint32_t err = 0; + + for (sc_smap = sc->smaps; sc_smap; sc_smap = sc_smap->next) { + sbcErr cerr; + struct smbconf_service *base_service = NULL; + struct security_descriptor *sd; + size_t sd_size; + + cerr = fss_conf_get_share_def(fconf_ctx, rconf_ctx, mem_ctx, + sc_smap->share_name, &base_service); + if (!SBC_ERROR_IS_OK(cerr)) { + DEBUG(0, ("failed to get base share %s definition: " + "%s\n", sc_smap->share_name, + sbcErrorString(cerr))); + err = HRES_ERROR_V(HRES_E_FAIL); + break; + } + + /* smap share name already defined when added */ + err = map_share_comment(sc_smap, sc); + if (err) { + DEBUG(0, ("failed to map share comment\n")); + break; + } + + base_service->name = sc_smap->sc_share_name; + + cerr = smbconf_create_set_share(rconf_ctx, base_service); + if (!SBC_ERROR_IS_OK(cerr)) { + DEBUG(0, ("failed to create share %s: %s\n", + base_service->name, sbcErrorString(cerr))); + err = HRES_ERROR_V(HRES_E_FAIL); + break; + } + cerr = smbconf_set_parameter(rconf_ctx, sc_smap->sc_share_name, + "path", sc->sc_path); + if (!SBC_ERROR_IS_OK(cerr)) { + DEBUG(0, ("failed to set path param: %s\n", + sbcErrorString(cerr))); + err = HRES_ERROR_V(HRES_E_FAIL); + break; + } + if (sc_smap->sc_share_comment != NULL) { + cerr = smbconf_set_parameter(rconf_ctx, + sc_smap->sc_share_name, + "comment", + sc_smap->sc_share_comment); + if (!SBC_ERROR_IS_OK(cerr)) { + DEBUG(0, ("failed to set comment param: %s\n", + sbcErrorString(cerr))); + err = HRES_ERROR_V(HRES_E_FAIL); + break; + } + } + talloc_free(base_service); + + /* + * Obtain the base share SD, which also needs to be cloned. + * Share SDs are stored in share_info.tdb, so are not covered by + * the registry transaction. + * The base share SD should be cloned at the time of exposure, + * rather than when the snapshot is taken. This matches Windows + * Server 2012 behaviour. + */ + sd = get_share_security(mem_ctx, sc_smap->share_name, &sd_size); + if (sd == NULL) { + DEBUG(2, ("no share SD to clone for %s snapshot\n", + sc_smap->share_name)); + } else { + NTSTATUS status; + status = set_share_security(sc_smap->sc_share_name, sd); + TALLOC_FREE(sd); + if (!NT_STATUS_IS_OK(status)) { + DEBUG(0, ("failed to set %s share SD\n", + sc_smap->sc_share_name)); + err = HRES_ERROR_V(HRES_E_FAIL); + break; + } + } + } + + return err; +} + +uint32_t _fss_ExposeShadowCopySet(struct pipes_struct *p, + struct fss_ExposeShadowCopySet *r) +{ + NTSTATUS status; + struct fss_sc_set *sc_set; + struct fss_sc *sc; + uint32_t ret; + struct smbconf_ctx *fconf_ctx; + struct smbconf_ctx *rconf_ctx; + sbcErr cerr; + char *fconf_path; + TALLOC_CTX *frame = talloc_stackframe(); + + if (!fss_permitted(p)) { + ret = HRES_ERROR_V(HRES_E_ACCESSDENIED); + goto err_out; + } + + sc_set = sc_set_lookup(fss_global.sc_sets, &r->in.ShadowCopySetId); + if (sc_set == NULL) { + ret = HRES_ERROR_V(HRES_E_INVALIDARG); + goto err_out; + } + + if (sc_set->state != FSS_SC_COMMITED) { + ret = FSRVP_E_BAD_STATE; + goto err_out; + } + + /* stop message sequence timer */ + TALLOC_FREE(fss_global.seq_tmr); + + /* + * Prepare to clone the base share definition for the snapshot share. + * Create both registry and file conf contexts, as the base share + * definition may be located in either. The snapshot share definition + * is always written to the registry. + */ + cerr = smbconf_init(frame, &rconf_ctx, "registry"); + if (!SBC_ERROR_IS_OK(cerr)) { + DEBUG(0, ("failed registry smbconf init: %s\n", + sbcErrorString(cerr))); + ret = HRES_ERROR_V(HRES_E_FAIL); + goto err_tmr_restart; + } + fconf_path = talloc_asprintf(frame, "file:%s", get_dyn_CONFIGFILE()); + if (fconf_path == NULL) { + ret = HRES_ERROR_V(HRES_E_OUTOFMEMORY); + goto err_tmr_restart; + } + cerr = smbconf_init(frame, &fconf_ctx, fconf_path); + if (!SBC_ERROR_IS_OK(cerr)) { + DEBUG(0, ("failed %s smbconf init: %s\n", + fconf_path, sbcErrorString(cerr))); + ret = HRES_ERROR_V(HRES_E_FAIL); + goto err_tmr_restart; + } + + /* registry IO must be done as root */ + become_root(); + cerr = smbconf_transaction_start(rconf_ctx); + if (!SBC_ERROR_IS_OK(cerr)) { + DEBUG(0, ("error starting transaction: %s\n", + sbcErrorString(cerr))); + ret = HRES_ERROR_V(HRES_E_FAIL); + unbecome_root(); + goto err_tmr_restart; + } + + for (sc = sc_set->scs; sc; sc = sc->next) { + ret = fss_sc_expose(fconf_ctx, rconf_ctx, frame, sc); + if (ret) { + DEBUG(0,("failed to expose shadow copy of %s\n", + sc->volume_name)); + goto err_cancel; + } + } + + cerr = smbconf_transaction_commit(rconf_ctx); + if (!SBC_ERROR_IS_OK(cerr)) { + DEBUG(0, ("error committing transaction: %s\n", + sbcErrorString(cerr))); + ret = HRES_ERROR_V(HRES_E_FAIL); + goto err_cancel; + } + unbecome_root(); + + messaging_send_all(p->msg_ctx, MSG_SMB_CONF_UPDATED, NULL, 0); + for (sc = sc_set->scs; sc; sc = sc->next) { + struct fss_sc_smap *sm; + for (sm = sc->smaps; sm; sm = sm->next) + sm->is_exposed = true; + } + sc_set->state = FSS_SC_EXPOSED; + become_root(); + status = fss_state_store(fss_global.mem_ctx, fss_global.sc_sets, + fss_global.sc_sets_count, fss_global.db_path); + unbecome_root(); + if (!NT_STATUS_IS_OK(status)) { + DEBUG(1, ("failed to store fss server state: %s\n", + nt_errstr(status))); + } + /* start message sequence timer */ + fss_seq_tout_set(fss_global.mem_ctx, 180, sc_set, &fss_global.seq_tmr); + TALLOC_FREE(frame); + return 0; + +err_cancel: + smbconf_transaction_cancel(rconf_ctx); + unbecome_root(); +err_tmr_restart: + fss_seq_tout_set(fss_global.mem_ctx, 180, sc_set, &fss_global.seq_tmr); +err_out: + TALLOC_FREE(frame); + return ret; +} + +uint32_t _fss_RecoveryCompleteShadowCopySet(struct pipes_struct *p, + struct fss_RecoveryCompleteShadowCopySet *r) +{ + NTSTATUS status; + struct fss_sc_set *sc_set; + + if (!fss_permitted(p)) { + return HRES_ERROR_V(HRES_E_ACCESSDENIED); + } + + sc_set = sc_set_lookup(fss_global.sc_sets, &r->in.ShadowCopySetId); + if (sc_set == NULL) { + return HRES_ERROR_V(HRES_E_INVALIDARG); + } + + if (sc_set->state != FSS_SC_EXPOSED) { + return FSRVP_E_BAD_STATE; + } + + /* stop msg sequence timer */ + TALLOC_FREE(fss_global.seq_tmr); + + if (sc_set->context & ATTR_NO_AUTO_RECOVERY) { + /* TODO set read-only */ + } + + sc_set->state = FSS_SC_RECOVERED; + fss_global.cur_ctx = 0; + fss_global.ctx_set = false; + + become_root(); + status = fss_state_store(fss_global.mem_ctx, fss_global.sc_sets, + fss_global.sc_sets_count, fss_global.db_path); + unbecome_root(); + if (!NT_STATUS_IS_OK(status)) { + DEBUG(1, ("failed to store fss server state: %s\n", + nt_errstr(status))); + } + + return 0; +} + +uint32_t _fss_AbortShadowCopySet(struct pipes_struct *p, + struct fss_AbortShadowCopySet *r) +{ + NTSTATUS status; + struct fss_sc_set *sc_set; + + if (!fss_permitted(p)) { + return HRES_ERROR_V(HRES_E_ACCESSDENIED); + } + + sc_set = sc_set_lookup(fss_global.sc_sets, &r->in.ShadowCopySetId); + if (sc_set == NULL) { + return HRES_ERROR_V(HRES_E_INVALIDARG); + } + + DEBUG(6, ("%s: aborting shadow-copy set\n", sc_set->id_str)); + + if ((sc_set->state == FSS_SC_COMMITED) + || (sc_set->state == FSS_SC_EXPOSED) + || (sc_set->state == FSS_SC_RECOVERED)) { + return 0; + } + + if (sc_set->state == FSS_SC_CREATING) { + return FSRVP_E_BAD_STATE; + } + + DLIST_REMOVE(fss_global.sc_sets, sc_set); + talloc_free(sc_set); + fss_global.sc_sets_count--; + become_root(); + status = fss_state_store(fss_global.mem_ctx, fss_global.sc_sets, + fss_global.sc_sets_count, fss_global.db_path); + unbecome_root(); + if (!NT_STATUS_IS_OK(status)) { + DEBUG(1, ("failed to store fss server state: %s\n", + nt_errstr(status))); + } + + return 0; +} + +uint32_t _fss_IsPathSupported(struct pipes_struct *p, + struct fss_IsPathSupported *r) +{ + struct dcesrv_call_state *dce_call = p->dce_call; + struct auth_session_info *session_info = + dcesrv_call_session_info(dce_call); + int snum; + char *service; + char *base_vol; + NTSTATUS status; + struct connection_struct *conn; + char *share; + TALLOC_CTX *frame = talloc_stackframe(); + const struct loadparm_substitution *lp_sub = + loadparm_s3_global_substitution(); + + if (!fss_permitted(p)) { + TALLOC_FREE(frame); + return HRES_ERROR_V(HRES_E_ACCESSDENIED); + } + + status = fss_unc_parse(frame, r->in.ShareName, NULL, &share); + if (!NT_STATUS_IS_OK(status)) { + TALLOC_FREE(frame); + return fss_ntstatus_map(status); + } + + snum = find_service(frame, share, &service); + if ((snum == -1) || (service == NULL)) { + DEBUG(0, ("share at %s not found\n", r->in.ShareName)); + TALLOC_FREE(frame); + return HRES_ERROR_V(HRES_E_INVALIDARG); + } + + status = fss_conn_create_tos(p->msg_ctx, session_info, snum, &conn); + if (!NT_STATUS_IS_OK(status)) { + TALLOC_FREE(frame); + return HRES_ERROR_V(HRES_E_ACCESSDENIED); + } + if (!become_user_without_service_by_session(conn, session_info)) { + DEBUG(0, ("failed to become user\n")); + TALLOC_FREE(frame); + return HRES_ERROR_V(HRES_E_ACCESSDENIED); + } + status = SMB_VFS_SNAP_CHECK_PATH(conn, frame, + lp_path(frame, lp_sub, snum), + &base_vol); + unbecome_user_without_service(); + if (!NT_STATUS_IS_OK(status)) { + TALLOC_FREE(frame); + return FSRVP_E_NOT_SUPPORTED; + } + + *r->out.OwnerMachineName = lp_netbios_name(); + *r->out.SupportedByThisProvider = 1; + TALLOC_FREE(frame); + return 0; +} + +uint32_t _fss_IsPathShadowCopied(struct pipes_struct *p, + struct fss_IsPathShadowCopied *r) +{ + if (!fss_permitted(p)) { + return HRES_ERROR_V(HRES_E_ACCESSDENIED); + } + + /* not yet supported */ + return FSRVP_E_NOT_SUPPORTED; +} + +uint32_t _fss_GetShareMapping(struct pipes_struct *p, + struct fss_GetShareMapping *r) +{ + NTSTATUS status; + struct fss_sc_set *sc_set; + struct fss_sc *sc; + struct fss_sc_smap *sc_smap; + char *share; + struct fssagent_share_mapping_1 *sm_out; + TALLOC_CTX *frame = talloc_stackframe(); + + if (!fss_permitted(p)) { + TALLOC_FREE(frame); + return HRES_ERROR_V(HRES_E_ACCESSDENIED); + } + + sc_set = sc_set_lookup(fss_global.sc_sets, &r->in.ShadowCopySetId); + if (sc_set == NULL) { + TALLOC_FREE(frame); + return HRES_ERROR_V(HRES_E_INVALIDARG); + } + + /* + * If ShadowCopySet.Status is not "Exposed", the server SHOULD<9> fail + * the call with FSRVP_E_BAD_STATE. + * <9> If ShadowCopySet.Status is "Started", "Added", + * "CreationInProgress", or "Committed", Windows Server 2012 FSRVP + * servers return an error value of 0x80042311. + */ + if ((sc_set->state == FSS_SC_STARTED) + || (sc_set->state == FSS_SC_ADDED) + || (sc_set->state == FSS_SC_CREATING) + || (sc_set->state == FSS_SC_COMMITED)) { + TALLOC_FREE(frame); + return 0x80042311; /* documented magic value */ + } + + sc = sc_lookup(sc_set->scs, &r->in.ShadowCopyId); + if (sc == NULL) { + TALLOC_FREE(frame); + return HRES_ERROR_V(HRES_E_INVALIDARG); + } + + status = fss_unc_parse(frame, r->in.ShareName, NULL, &share); + if (!NT_STATUS_IS_OK(status)) { + TALLOC_FREE(frame); + return fss_ntstatus_map(status); + } + + sc_smap = sc_smap_lookup(sc->smaps, share); + if (sc_smap == NULL) { + TALLOC_FREE(frame); + return HRES_ERROR_V(HRES_E_INVALIDARG); + } + + if (r->in.Level != 1) { + TALLOC_FREE(frame); + return HRES_ERROR_V(HRES_E_INVALIDARG); + } + + sm_out = talloc_zero(p->mem_ctx, struct fssagent_share_mapping_1); + if (sm_out == NULL) { + TALLOC_FREE(frame); + return HRES_ERROR_V(HRES_E_OUTOFMEMORY); + } + sm_out->ShadowCopySetId = sc_set->id; + sm_out->ShadowCopyId = sc->id; + sm_out->ShareNameUNC = talloc_asprintf(sm_out, "\\\\%s\\%s", + lp_netbios_name(), + sc_smap->share_name); + if (sm_out->ShareNameUNC == NULL) { + talloc_free(sm_out); + TALLOC_FREE(frame); + return HRES_ERROR_V(HRES_E_OUTOFMEMORY); + } + sm_out->ShadowCopyShareName = sc_smap->sc_share_name; + unix_to_nt_time(&sm_out->tstamp, sc->create_ts); + r->out.ShareMapping->ShareMapping1 = sm_out; + TALLOC_FREE(frame); + + /* reset msg sequence timer */ + TALLOC_FREE(fss_global.seq_tmr); + fss_seq_tout_set(fss_global.mem_ctx, 1800, sc_set, &fss_global.seq_tmr); + + return 0; +} + +static NTSTATUS sc_smap_unexpose(struct messaging_context *msg_ctx, + struct fss_sc_smap *sc_smap, bool delete_all) +{ + NTSTATUS ret; + struct smbconf_ctx *conf_ctx; + sbcErr cerr; + bool is_modified = false; + TALLOC_CTX *frame = talloc_stackframe(); + + cerr = smbconf_init(frame, &conf_ctx, "registry"); + if (!SBC_ERROR_IS_OK(cerr)) { + DEBUG(0, ("failed registry smbconf init: %s\n", + sbcErrorString(cerr))); + ret = NT_STATUS_UNSUCCESSFUL; + goto err_tmp; + } + + /* registry IO must be done as root */ + become_root(); + + cerr = smbconf_transaction_start(conf_ctx); + if (!SBC_ERROR_IS_OK(cerr)) { + DEBUG(0, ("error starting transaction: %s\n", + sbcErrorString(cerr))); + ret = NT_STATUS_UNSUCCESSFUL; + goto err_conf; + } + + while (sc_smap) { + struct fss_sc_smap *sc_map_next = sc_smap->next; + if (!smbconf_share_exists(conf_ctx, sc_smap->sc_share_name)) { + DEBUG(2, ("no such share: %s\n", sc_smap->sc_share_name)); + if (!delete_all) { + ret = NT_STATUS_OK; + goto err_cancel; + } + sc_smap = sc_map_next; + continue; + } + + cerr = smbconf_delete_share(conf_ctx, sc_smap->sc_share_name); + if (!SBC_ERROR_IS_OK(cerr)) { + DEBUG(0, ("error deleting share: %s\n", + sbcErrorString(cerr))); + ret = NT_STATUS_UNSUCCESSFUL; + goto err_cancel; + } + is_modified = true; + sc_smap->is_exposed = false; + if (delete_all) { + sc_smap = sc_map_next; + } else { + sc_smap = NULL; /* only process single sc_map entry */ + } + } + if (is_modified) { + cerr = smbconf_transaction_commit(conf_ctx); + if (!SBC_ERROR_IS_OK(cerr)) { + DEBUG(0, ("error committing transaction: %s\n", + sbcErrorString(cerr))); + ret = NT_STATUS_UNSUCCESSFUL; + goto err_cancel; + } + messaging_send_all(msg_ctx, MSG_SMB_CONF_UPDATED, NULL, 0); + } else { + ret = NT_STATUS_OK; + goto err_cancel; + } + ret = NT_STATUS_OK; + +err_conf: + talloc_free(conf_ctx); + unbecome_root(); +err_tmp: + TALLOC_FREE(frame); + return ret; + +err_cancel: + smbconf_transaction_cancel(conf_ctx); + talloc_free(conf_ctx); + unbecome_root(); + TALLOC_FREE(frame); + return ret; +} + +uint32_t _fss_DeleteShareMapping(struct pipes_struct *p, + struct fss_DeleteShareMapping *r) +{ + struct dcesrv_call_state *dce_call = p->dce_call; + struct auth_session_info *session_info = + dcesrv_call_session_info(dce_call); + struct fss_sc_set *sc_set; + struct fss_sc *sc; + struct fss_sc_smap *sc_smap; + char *share; + NTSTATUS status; + TALLOC_CTX *frame = talloc_stackframe(); + struct connection_struct *conn; + int snum; + char *service; + + if (!fss_permitted(p)) { + status = NT_STATUS_ACCESS_DENIED; + goto err_tmp_free; + } + + sc_set = sc_set_lookup(fss_global.sc_sets, &r->in.ShadowCopySetId); + if (sc_set == NULL) { + /* docs say HRES_E_INVALIDARG */ + status = NT_STATUS_OBJECTID_NOT_FOUND; + goto err_tmp_free; + } + + if ((sc_set->state != FSS_SC_EXPOSED) + && (sc_set->state != FSS_SC_RECOVERED)) { + status = NT_STATUS_INVALID_SERVER_STATE; + goto err_tmp_free; + } + + sc = sc_lookup(sc_set->scs, &r->in.ShadowCopyId); + if (sc == NULL) { + status = NT_STATUS_INVALID_PARAMETER; + goto err_tmp_free; + } + + status = fss_unc_parse(frame, r->in.ShareName, NULL, &share); + if (!NT_STATUS_IS_OK(status)) { + goto err_tmp_free; + } + + sc_smap = sc_smap_lookup(sc->smaps, share); + if (sc_smap == NULL) { + status = NT_STATUS_INVALID_PARAMETER; + goto err_tmp_free; + } + + status = sc_smap_unexpose(p->msg_ctx, sc_smap, false); + if (!NT_STATUS_IS_OK(status)) { + DEBUG(0, ("failed to remove share %s: %s\n", + sc_smap->sc_share_name, nt_errstr(status))); + goto err_tmp_free; + } + + messaging_send_all(p->msg_ctx, MSG_SMB_FORCE_TDIS, + sc_smap->sc_share_name, + strlen(sc_smap->sc_share_name) + 1); + + if (sc->smaps_count > 1) { + /* do not delete the underlying snapshot - still in use */ + status = NT_STATUS_OK; + goto err_tmp_free; + } + + snum = find_service(frame, sc_smap->share_name, &service); + if ((snum == -1) || (service == NULL)) { + DEBUG(0, ("share at %s not found\n", sc_smap->share_name)); + status = NT_STATUS_UNSUCCESSFUL; + goto err_tmp_free; + } + + status = fss_conn_create_tos(p->msg_ctx, session_info, snum, &conn); + if (!NT_STATUS_IS_OK(status)) { + goto err_tmp_free; + } + if (!become_user_without_service_by_session(conn, session_info)) { + DEBUG(0, ("failed to become user\n")); + status = NT_STATUS_ACCESS_DENIED; + goto err_tmp_free; + } + + status = SMB_VFS_SNAP_DELETE(conn, frame, sc->volume_name, + sc->sc_path); + unbecome_user_without_service(); + if (!NT_STATUS_IS_OK(status)) { + goto err_tmp_free; + } + + /* XXX set timeout r->in.TimeOutInMilliseconds */ + DEBUG(6, ("good snap delete\n")); + DLIST_REMOVE(sc->smaps, sc_smap); + sc->smaps_count--; + talloc_free(sc_smap); + if (sc->smaps_count == 0) { + DLIST_REMOVE(sc_set->scs, sc); + sc_set->scs_count--; + talloc_free(sc); + + if (sc_set->scs_count == 0) { + DLIST_REMOVE(fss_global.sc_sets, sc_set); + fss_global.sc_sets_count--; + talloc_free(sc_set); + } + } + + become_root(); + status = fss_state_store(fss_global.mem_ctx, fss_global.sc_sets, + fss_global.sc_sets_count, fss_global.db_path); + unbecome_root(); + if (!NT_STATUS_IS_OK(status)) { + DEBUG(1, ("failed to store fss server state: %s\n", + nt_errstr(status))); + } + + status = NT_STATUS_OK; +err_tmp_free: + TALLOC_FREE(frame); + return fss_ntstatus_map(status); +} + +uint32_t _fss_PrepareShadowCopySet(struct pipes_struct *p, + struct fss_PrepareShadowCopySet *r) +{ + struct fss_sc_set *sc_set; + + if (!fss_permitted(p)) { + return HRES_ERROR_V(HRES_E_ACCESSDENIED); + } + + sc_set = sc_set_lookup(fss_global.sc_sets, &r->in.ShadowCopySetId); + if (sc_set == NULL) { + return HRES_ERROR_V(HRES_E_INVALIDARG); + } + + if (sc_set->state != FSS_SC_ADDED) { + return FSRVP_E_BAD_STATE; + } + + /* stop msg sequence timer */ + TALLOC_FREE(fss_global.seq_tmr); + + /* + * Windows Server "8" Beta takes ~60s here, presumably flushing + * everything to disk. We may want to do something similar. + */ + + /* start msg sequence timer, 1800 on success */ + fss_seq_tout_set(fss_global.mem_ctx, 1800, sc_set, &fss_global.seq_tmr); + + return 0; +} + +static NTSTATUS FileServerVssAgent__op_init_server( + struct dcesrv_context *dce_ctx, + const struct dcesrv_endpoint_server *ep_server); + +static NTSTATUS FileServerVssAgent__op_shutdown_server( + struct dcesrv_context *dce_ctx, + const struct dcesrv_endpoint_server *ep_server); + +#define DCESRV_INTERFACE_FILESERVERVSSAGENT_INIT_SERVER \ + fileservervssagent_init_server + +#define DCESRV_INTERFACE_FILESERVERVSSAGENT_SHUTDOWN_SERVER \ + fileservervssagent_shutdown_server + +static NTSTATUS fileservervssagent_shutdown_server( + struct dcesrv_context *dce_ctx, + const struct dcesrv_endpoint_server *ep_server) +{ + srv_fssa_cleanup(); + return FileServerVssAgent__op_shutdown_server(dce_ctx, ep_server); +} + +static NTSTATUS fileservervssagent_init_server( + struct dcesrv_context *dce_ctx, + const struct dcesrv_endpoint_server *ep_server) +{ + NTSTATUS status; + struct messaging_context *msg_ctx = global_messaging_context(); + + status = srv_fssa_start(msg_ctx); + if (!NT_STATUS_IS_OK(status)) { + return status; + } + + return FileServerVssAgent__op_init_server(dce_ctx, ep_server); +} + +/* include the generated boilerplate */ +#include "librpc/gen_ndr/ndr_fsrvp_scompat.c" diff --git a/source3/rpc_server/fss/srv_fss_private.h b/source3/rpc_server/fss/srv_fss_private.h new file mode 100644 index 0000000..4db9f98 --- /dev/null +++ b/source3/rpc_server/fss/srv_fss_private.h @@ -0,0 +1,92 @@ +/* + * File Server Remote VSS Protocol (FSRVP) server state + * + * Copyright (C) David Disseldorp 2012-2015 + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 3 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program. If not, see <http://www.gnu.org/licenses/>. + */ + +#ifndef _SRV_FSS_PRIVATE_H_ +#define _SRV_FSS_PRIVATE_H_ + +#define FSS_DB_NAME "srv_fss.tdb" + +struct fss_sc_smap { + struct fss_sc_smap *next, *prev; + char *share_name; /* name of the base file share */ + char *sc_share_name; /* share exposing the shadow copy */ + char *sc_share_comment; + bool is_exposed; /* whether shadow copy is exposed */ +}; + +struct fss_sc { + struct fss_sc *next, *prev; + struct GUID id; /* GUID of the shadow copy */ + char *id_str; + char *volume_name; /* name uniquely identifying on the + * server object store on which this + * shadow copy is created. */ + char *sc_path; /* path exposing the shadow copy */ + time_t create_ts; /* timestamp of client initiation */ + struct fss_sc_smap *smaps; /* shares mapped to this shadow copy */ + uint32_t smaps_count; + struct fss_sc_set *sc_set; /* parent shadow copy set */ +}; + +/* + * 3.1.1.2: Per ShadowCopySet + * The status of the shadow copy set. This MUST be one of "Started", "Added", + * "CreationInProgress", "Committed", "Exposed", or "Recovered". + */ +enum fss_sc_state { + FSS_SC_STARTED, + FSS_SC_ADDED, + FSS_SC_CREATING, + FSS_SC_COMMITED, + FSS_SC_EXPOSED, + FSS_SC_RECOVERED, +}; +struct fss_sc_set { + struct fss_sc_set *next, *prev; + struct GUID id; /* GUID of the shadow copy set. */ + char *id_str; + enum fss_sc_state state; /* status of the shadow copy set */ + uint32_t context; /* attributes used for set creation */ + struct fss_sc *scs; /* list of ShadowCopy objects */ + uint32_t scs_count; +}; + +struct fss_global { + TALLOC_CTX *mem_ctx; /* parent mem ctx for sc sets */ + char *db_path; + uint32_t min_vers; + uint32_t max_vers; + bool ctx_set; /* whether client has set context */ + uint32_t cur_ctx; + struct fss_sc_set *sc_sets; + uint32_t sc_sets_count; + struct tevent_timer *seq_tmr; /* time to wait between client reqs */ +}; + +NTSTATUS fss_state_store(TALLOC_CTX *mem_ctx, + struct fss_sc_set *sc_sets, + uint32_t sc_sets_count, + const char *db_path); + +NTSTATUS fss_state_retrieve(TALLOC_CTX *mem_ctx, + struct fss_sc_set **sc_sets, + uint32_t *sc_sets_count, + const char *db_path); + +#endif /*_SRV_FSS_PRIVATE_H_ */ diff --git a/source3/rpc_server/fss/srv_fss_state.c b/source3/rpc_server/fss/srv_fss_state.c new file mode 100644 index 0000000..8597c36 --- /dev/null +++ b/source3/rpc_server/fss/srv_fss_state.c @@ -0,0 +1,698 @@ +/* + * File Server Remote VSS Protocol (FSRVP) persistent server state + * + * Copyright (C) David Disseldorp 2012-2015 + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 3 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program. If not, see <http://www.gnu.org/licenses/>. + */ + +#include "source3/include/includes.h" +#include <fcntl.h> +#include "source3/include/util_tdb.h" +#include "lib/dbwrap/dbwrap.h" +#include "lib/dbwrap/dbwrap_open.h" +#include "librpc/ndr/libndr.h" +#include "librpc/gen_ndr/ndr_fsrvp_state.h" +#include "srv_fss_private.h" + +#define FSS_DB_KEY_VERSION "db_version" +#define FSS_DB_KEY_CONTEXT "context" +#define FSS_DB_KEY_SC_SET_COUNT "sc_set_count" +#define FSS_DB_KEY_PFX_SC_SET "sc_set/" +#define FSS_DB_KEY_PFX_SC "sc/" +#define FSS_DB_KEY_PFX_SMAP "smap/" + +static NTSTATUS fss_state_smap_store(TALLOC_CTX *mem_ctx, + struct db_context *db, + const char *sc_key_str, + struct fss_sc_smap *smap) +{ + NTSTATUS status; + TDB_DATA val; + const char *smap_key_str; + struct fsrvp_state_smap smap_state; + enum ndr_err_code ndr_ret; + DATA_BLOB smap_state_blob; + + /* becomes sc_set/@sc_set_id/sc/@sc_id/smap/@sc_share_name */ + smap_key_str = talloc_asprintf(mem_ctx, "%s/%s%s", sc_key_str, + FSS_DB_KEY_PFX_SMAP, + smap->sc_share_name); + if (smap_key_str == NULL) { + return NT_STATUS_NO_MEMORY; + } + + smap_state.share_name = smap->share_name; + smap_state.sc_share_name = smap->sc_share_name; + /* @smap->sc_share_comment may be null if not exposed. */ + if (smap->sc_share_comment != NULL) { + smap_state.sc_share_comment = smap->sc_share_comment; + } else { + smap_state.sc_share_comment = ""; + } + smap_state.is_exposed = smap->is_exposed; + + ndr_ret = ndr_push_struct_blob(&smap_state_blob, mem_ctx, + &smap_state, + (ndr_push_flags_fn_t)ndr_push_fsrvp_state_smap); + if (ndr_ret != NDR_ERR_SUCCESS) { + return NT_STATUS_INTERNAL_ERROR; + } + + val.dsize = smap_state_blob.length; + val.dptr = smap_state_blob.data; + + status = dbwrap_store(db, string_term_tdb_data(smap_key_str), val, 0); + if (!NT_STATUS_IS_OK(status)) { + return status; + } + + return NT_STATUS_OK; +} + +static NTSTATUS fss_state_sc_store(TALLOC_CTX *mem_ctx, + struct db_context *db, + const char *sc_set_key_str, + struct fss_sc *sc) +{ + NTSTATUS status; + TDB_DATA val; + const char *sc_key_str; + struct fsrvp_state_sc sc_state; + struct fss_sc_smap *smap; + enum ndr_err_code ndr_ret; + DATA_BLOB sc_state_blob; + + /* becomes sc_set/@sc_set.id/sc/@sc_id */ + sc_key_str = talloc_asprintf(mem_ctx, "%s/%s%s", sc_set_key_str, + FSS_DB_KEY_PFX_SC, sc->id_str); + if (sc_key_str == NULL) { + return NT_STATUS_NO_MEMORY; + } + + sc_state.id_str = sc->id_str; + sc_state.volume_name = sc->volume_name; + /* @sc->sc_path may be null if not committed, store empty str */ + sc_state.sc_path = (sc->sc_path ? sc->sc_path : ""); + sc_state.create_ts = sc->create_ts; + sc_state.smaps_count = sc->smaps_count; + + ndr_ret = ndr_push_struct_blob(&sc_state_blob, mem_ctx, + &sc_state, + (ndr_push_flags_fn_t)ndr_push_fsrvp_state_sc); + if (ndr_ret != NDR_ERR_SUCCESS) { + return NT_STATUS_INTERNAL_ERROR; + } + + val.dsize = sc_state_blob.length; + val.dptr = sc_state_blob.data; + + status = dbwrap_store(db, string_term_tdb_data(sc_key_str), val, 0); + if (!NT_STATUS_IS_OK(status)) { + return status; + } + + for (smap = sc->smaps; smap; smap = smap->next) { + status = fss_state_smap_store(mem_ctx, db, sc_key_str, smap); + if (!NT_STATUS_IS_OK(status)) { + return status; + } + } + + return NT_STATUS_OK; +} + +static NTSTATUS fss_state_sc_set_store(TALLOC_CTX *mem_ctx, + struct db_context *db, + struct fss_sc_set *sc_set) +{ + NTSTATUS status; + TDB_DATA val; + const char *sc_set_key_str; + struct fss_sc *sc; + struct fsrvp_state_sc_set sc_set_state; + DATA_BLOB sc_set_state_blob; + enum ndr_err_code ndr_ret; + + sc_set_key_str = talloc_asprintf(mem_ctx, "%s%s", + FSS_DB_KEY_PFX_SC_SET, + sc_set->id_str); + if (sc_set_key_str == NULL) { + return NT_STATUS_NO_MEMORY; + } + + sc_set_state.id_str = sc_set->id_str; + sc_set_state.state = sc_set->state; + sc_set_state.context = sc_set->context; + sc_set_state.scs_count = sc_set->scs_count; + + ndr_ret = ndr_push_struct_blob(&sc_set_state_blob, mem_ctx, + &sc_set_state, + (ndr_push_flags_fn_t)ndr_push_fsrvp_state_sc_set); + if (ndr_ret != NDR_ERR_SUCCESS) { + return NT_STATUS_INTERNAL_ERROR; + } + + val.dsize = sc_set_state_blob.length; + val.dptr = sc_set_state_blob.data; + + status = dbwrap_store(db, string_term_tdb_data(sc_set_key_str), val, 0); + if (!NT_STATUS_IS_OK(status)) { + return status; + } + + for (sc = sc_set->scs; sc; sc = sc->next) { + status = fss_state_sc_store(mem_ctx, db, sc_set_key_str, sc); + if (!NT_STATUS_IS_OK(status)) { + return status; + } + } + + return NT_STATUS_OK; +} + +/* + * write out the current fsrvp server state to a TDB. This clears any content + * currently written to the TDB. + */ +_PRIVATE_ NTSTATUS fss_state_store(TALLOC_CTX *mem_ctx, + struct fss_sc_set *sc_sets, + uint32_t sc_sets_count, + const char *db_path) +{ + TALLOC_CTX *tmp_ctx; + struct db_context *db; + NTSTATUS status; + int ret; + struct fss_sc_set *sc_set; + + tmp_ctx = talloc_new(mem_ctx); + if (tmp_ctx == NULL) { + return NT_STATUS_NO_MEMORY; + } + + db = db_open(tmp_ctx, db_path, 0, TDB_DEFAULT, O_RDWR | O_CREAT, + 0600, DBWRAP_LOCK_ORDER_1, DBWRAP_FLAG_NONE); + if (db == NULL) { + DEBUG(0, ("Failed to open fss state database %s\n", db_path)); + status = NT_STATUS_ACCESS_DENIED; + goto err_ctx_free; + } + + ret = dbwrap_wipe(db); + if (ret != 0) { + status = NT_STATUS_UNSUCCESSFUL; + goto err_db_free; + } + + status = dbwrap_store_int32_bystring(db, FSS_DB_KEY_VERSION, + FSRVP_STATE_DB_VERSION); + if (!NT_STATUS_IS_OK(status)) { + goto err_db_free; + } + + ret = dbwrap_transaction_start(db); + if (ret != 0) { + status = NT_STATUS_UNSUCCESSFUL; + goto err_db_free; + } + + status = dbwrap_store_int32_bystring(db, FSS_DB_KEY_SC_SET_COUNT, + sc_sets_count); + if (!NT_STATUS_IS_OK(status)) { + status = NT_STATUS_UNSUCCESSFUL; + goto err_trans_cancel; + } + + for (sc_set = sc_sets; sc_set; sc_set = sc_set->next) { + status = fss_state_sc_set_store(tmp_ctx, db, sc_set); + if (!NT_STATUS_IS_OK(status)) { + goto err_trans_cancel; + } + } + + ret = dbwrap_transaction_commit(db); + if (ret != 0) { + status = NT_STATUS_UNSUCCESSFUL; + goto err_trans_cancel; + } + + talloc_free(db); + talloc_free(tmp_ctx); + return NT_STATUS_OK; + +err_trans_cancel: + dbwrap_transaction_cancel(db); +err_db_free: + talloc_free(db); +err_ctx_free: + talloc_free(tmp_ctx); + return status; +} + +static NTSTATUS fss_state_smap_retrieve(TALLOC_CTX *mem_ctx, + TDB_DATA *key, + TDB_DATA *val, + struct fss_sc_smap **smap_out) +{ + struct fss_sc_smap *smap; + struct fsrvp_state_smap smap_state; + DATA_BLOB smap_state_blob; + enum ndr_err_code ndr_ret; + + smap_state_blob.length = val->dsize; + smap_state_blob.data = val->dptr; + + ndr_ret = ndr_pull_struct_blob(&smap_state_blob, mem_ctx, &smap_state, + (ndr_pull_flags_fn_t)ndr_pull_fsrvp_state_smap); + if (ndr_ret != NDR_ERR_SUCCESS) { + return NT_STATUS_INTERNAL_ERROR; + } + + smap = talloc_zero(mem_ctx, struct fss_sc_smap); + if (smap == NULL) { + return NT_STATUS_NO_MEMORY; + } + + smap->share_name = talloc_strdup(smap, smap_state.share_name); + if (smap->share_name == NULL) { + return NT_STATUS_NO_MEMORY; + } + + /* store the full path so that the hierarchy can be rebuilt */ + smap->sc_share_name = talloc_strdup(smap, (char *)key->dptr); + if (smap->sc_share_name == NULL) { + return NT_STATUS_NO_MEMORY; + } + + /* sc_share_comment may be empty, keep null in such a case */ + if (strlen(smap_state.sc_share_comment) > 0) { + smap->sc_share_comment = talloc_strdup(smap, + smap_state.sc_share_comment); + if (smap->sc_share_comment == NULL) { + return NT_STATUS_NO_MEMORY; + } + } + + smap->is_exposed = smap_state.is_exposed; + + *smap_out = smap; + return NT_STATUS_OK; +} + +static NTSTATUS fss_state_sc_retrieve(TALLOC_CTX *mem_ctx, + TDB_DATA *key, + TDB_DATA *val, + struct fss_sc **sc_out) +{ + struct fss_sc *sc; + struct fsrvp_state_sc sc_state; + DATA_BLOB sc_state_blob; + enum ndr_err_code ndr_ret; + + sc_state_blob.length = val->dsize; + sc_state_blob.data = val->dptr; + + ndr_ret = ndr_pull_struct_blob(&sc_state_blob, mem_ctx, &sc_state, + (ndr_pull_flags_fn_t)ndr_pull_fsrvp_state_sc); + if (ndr_ret != NDR_ERR_SUCCESS) { + return NT_STATUS_INTERNAL_ERROR; + } + + sc = talloc_zero(mem_ctx, struct fss_sc); + if (sc == NULL) { + return NT_STATUS_NO_MEMORY; + } + + /* store the full path so that the hierarchy can be rebuilt */ + sc->id_str = talloc_strdup(sc, (char *)key->dptr); + if (sc->id_str == NULL) { + return NT_STATUS_NO_MEMORY; + } + + sc->volume_name = talloc_strdup(sc, sc_state.volume_name); + if (sc->volume_name == NULL) { + return NT_STATUS_NO_MEMORY; + } + + /* sc_path may be empty, keep null in such a case */ + if (strlen(sc_state.sc_path) > 0) { + sc->sc_path = talloc_strdup(sc, sc_state.sc_path); + if (sc->sc_path == NULL) { + return NT_STATUS_NO_MEMORY; + } + } + sc->create_ts = sc_state.create_ts; + sc->smaps_count = sc_state.smaps_count; + + *sc_out = sc; + return NT_STATUS_OK; +} + +static NTSTATUS fss_state_sc_set_retrieve(TALLOC_CTX *mem_ctx, + TDB_DATA *key, + TDB_DATA *val, + struct fss_sc_set **sc_set_out) +{ + struct fss_sc_set *sc_set; + struct fsrvp_state_sc_set sc_set_state; + DATA_BLOB sc_set_state_blob; + enum ndr_err_code ndr_ret; + + sc_set_state_blob.length = val->dsize; + sc_set_state_blob.data = val->dptr; + + ndr_ret = ndr_pull_struct_blob(&sc_set_state_blob, mem_ctx, + &sc_set_state, + (ndr_pull_flags_fn_t)ndr_pull_fsrvp_state_sc_set); + if (ndr_ret != NDR_ERR_SUCCESS) { + return NT_STATUS_INTERNAL_ERROR; + } + + sc_set = talloc_zero(mem_ctx, struct fss_sc_set); + if (sc_set == NULL) { + return NT_STATUS_NO_MEMORY; + } + + /* store the full path so that the hierarchy can be rebuilt */ + sc_set->id_str = talloc_strdup(sc_set, (char *)key->dptr); + if (sc_set->id_str == NULL) { + return NT_STATUS_NO_MEMORY; + } + sc_set->state = sc_set_state.state; + sc_set->context = sc_set_state.context; + sc_set->scs_count = sc_set_state.scs_count; + + *sc_set_out = sc_set; + return NT_STATUS_OK; +} + +struct fss_traverse_state { + TALLOC_CTX *mem_ctx; + struct fss_sc_smap *smaps; + uint32_t smaps_count; + struct fss_sc *scs; + uint32_t scs_count; + struct fss_sc_set *sc_sets; + uint32_t sc_sets_count; + NTSTATUS (*smap_retrieve)(TALLOC_CTX *mem_ctx, + TDB_DATA *key, + TDB_DATA *val, + struct fss_sc_smap **smap_out); + NTSTATUS (*sc_retrieve)(TALLOC_CTX *mem_ctx, + TDB_DATA *key, + TDB_DATA *val, + struct fss_sc **sc_out); + NTSTATUS (*sc_set_retrieve)(TALLOC_CTX *mem_ctx, + TDB_DATA *key, + TDB_DATA *val, + struct fss_sc_set **sc_set_out); +}; + +static int fss_state_retrieve_traverse(struct db_record *rec, + void *private_data) +{ + NTSTATUS status; + struct fss_traverse_state *trv_state + = (struct fss_traverse_state *)private_data; + TDB_DATA key = dbwrap_record_get_key(rec); + TDB_DATA val = dbwrap_record_get_value(rec); + + /* order of checking is important here */ + if (strstr((char *)key.dptr, FSS_DB_KEY_PFX_SMAP) != NULL) { + struct fss_sc_smap *smap; + status = trv_state->smap_retrieve(trv_state->mem_ctx, + &key, &val, &smap); + if (!NT_STATUS_IS_OK(status)) { + return -1; + } + DLIST_ADD_END(trv_state->smaps, smap); + trv_state->smaps_count++; + } else if (strstr((char *)key.dptr, FSS_DB_KEY_PFX_SC) != NULL) { + struct fss_sc *sc; + status = trv_state->sc_retrieve(trv_state->mem_ctx, + &key, &val, &sc); + if (!NT_STATUS_IS_OK(status)) { + return -1; + } + DLIST_ADD_END(trv_state->scs, sc); + trv_state->scs_count++; + } else if (strstr((char *)key.dptr, FSS_DB_KEY_PFX_SC_SET) != NULL) { + struct fss_sc_set *sc_set; + status = trv_state->sc_set_retrieve(trv_state->mem_ctx, + &key, &val, &sc_set); + if (!NT_STATUS_IS_OK(status)) { + return -1; + } + DLIST_ADD_END(trv_state->sc_sets, sc_set); + trv_state->sc_sets_count++; + } else { + /* global context and db vers */ + DEBUG(4, ("Ignoring fss srv db entry with key %s\n", key.dptr)); + } + + return 0; +} + +static bool fss_state_smap_is_child(struct fss_sc *sc, + struct fss_sc_smap *smap) +{ + return (strstr(smap->sc_share_name, sc->id_str) != NULL); +} + +static NTSTATUS fss_state_hierarchize_smaps(struct fss_traverse_state *trv_state, + struct fss_sc *sc) +{ + struct fss_sc_smap *smap; + struct fss_sc_smap *smap_n; + uint32_t smaps_moved = 0; + + for (smap = trv_state->smaps; smap; smap = smap_n) { + smap_n = smap->next; + if (!fss_state_smap_is_child(sc, smap)) + continue; + + /* smap mem should be owned by parent sc */ + talloc_steal(sc, smap); + DLIST_REMOVE(trv_state->smaps, smap); + trv_state->smaps_count--; + DLIST_ADD_END(sc->smaps, smap); + smaps_moved++; + + /* last component of the tdb key path is the sc share name */ + SMB_ASSERT(strrchr(smap->sc_share_name, '/') != NULL); + smap->sc_share_name = strrchr(smap->sc_share_name, '/') + 1; + } + + if (sc->smaps_count != smaps_moved) { + DEBUG(0, ("Inconsistent smaps_count, expected %u, moved %u\n", + sc->smaps_count, smaps_moved)); + return NT_STATUS_UNSUCCESSFUL; + } + + return NT_STATUS_OK; +} + +static bool fss_state_sc_is_child(struct fss_sc_set *sc_set, + struct fss_sc *sc) +{ + return (strstr(sc->id_str, sc_set->id_str) != NULL); +} + +static NTSTATUS fss_state_hierarchize_scs(struct fss_traverse_state *trv_state, + struct fss_sc_set *sc_set) +{ + NTSTATUS status; + struct fss_sc *sc; + struct fss_sc *sc_n; + uint32_t scs_moved = 0; + + for (sc = trv_state->scs; sc; sc = sc_n) { + sc_n = sc->next; + if (!fss_state_sc_is_child(sc_set, sc)) + continue; + + /* sc mem should be owned by parent sc_set */ + talloc_steal(sc_set, sc); + DLIST_REMOVE(trv_state->scs, sc); + trv_state->scs_count--; + DLIST_ADD_END(sc_set->scs, sc); + scs_moved++; + + sc->sc_set = sc_set; + + /* last component of the tdb key path is the sc GUID str */ + SMB_ASSERT(strrchr(sc->id_str, '/') != NULL); + sc->id_str = strrchr(sc->id_str, '/') + 1; + + status = GUID_from_string(sc->id_str, &sc->id); + if (!NT_STATUS_IS_OK(status)) { + goto err_out; + } + + status = fss_state_hierarchize_smaps(trv_state, sc); + if (!NT_STATUS_IS_OK(status)) { + goto err_out; + } + } + + if (sc_set->scs_count != scs_moved) { + DEBUG(0, ("Inconsistent scs_count, expected %u, moved %u\n", + sc_set->scs_count, scs_moved)); + status = NT_STATUS_UNSUCCESSFUL; + goto err_out; + } + + return NT_STATUS_OK; + +err_out: + return status; +} + +static NTSTATUS fss_state_hierarchize(struct fss_traverse_state *trv_state, + struct fss_sc_set **sc_sets, + uint32_t *sc_sets_count) +{ + NTSTATUS status; + struct fss_sc_set *sc_set; + struct fss_sc_set *sc_set_n; + uint32_t i = 0; + + *sc_sets = NULL; + for (sc_set = trv_state->sc_sets; sc_set; sc_set = sc_set_n) { + sc_set_n = sc_set->next; + /* sc_set mem already owned by trv_state->mem_ctx */ + DLIST_REMOVE(trv_state->sc_sets, sc_set); + trv_state->sc_sets_count--; + DLIST_ADD_END(*sc_sets, sc_set); + i++; + + /* last component of the tdb key path is the sc_set GUID str */ + SMB_ASSERT(strrchr(sc_set->id_str, '/') != NULL); + sc_set->id_str = strrchr(sc_set->id_str, '/') + 1; + + status = GUID_from_string(sc_set->id_str, &sc_set->id); + if (!NT_STATUS_IS_OK(status)) { + goto err_out; + } + + status = fss_state_hierarchize_scs(trv_state, sc_set); + if (!NT_STATUS_IS_OK(status)) { + goto err_out; + } + } + *sc_sets_count = i; + return NT_STATUS_OK; + +err_out: + return status; +} + +_PRIVATE_ NTSTATUS fss_state_retrieve(TALLOC_CTX *mem_ctx, + struct fss_sc_set **sc_sets, + uint32_t *sc_sets_count, + const char *db_path) +{ + struct db_context *db; + NTSTATUS status; + struct fss_traverse_state trv_state; + int err; + int rec_count; + int vers; + *sc_sets = NULL; + *sc_sets_count = 0; + + memset(&trv_state, 0, sizeof(trv_state)); + trv_state.mem_ctx = talloc_new(mem_ctx); + if (trv_state.mem_ctx == NULL) { + status = NT_STATUS_NO_MEMORY; + goto err_out; + } + + /* set callbacks for unmarshalling on-disk structures */ + trv_state.smap_retrieve = fss_state_smap_retrieve; + trv_state.sc_retrieve = fss_state_sc_retrieve; + trv_state.sc_set_retrieve = fss_state_sc_set_retrieve; + + db = db_open(trv_state.mem_ctx, db_path, 0, TDB_DEFAULT, + O_RDONLY, 0600, DBWRAP_LOCK_ORDER_1, DBWRAP_FLAG_NONE); + err = errno; + if ((db == NULL) && (err == ENOENT)) { + DEBUG(4, ("fss state TDB does not exist for retrieval\n")); + status = NT_STATUS_OK; + goto err_ts_free; + } else if (db == NULL) { + DEBUG(0, ("Failed to open fss state TDB: %s\n", + strerror(err))); + status = NT_STATUS_ACCESS_DENIED; + goto err_ts_free; + } + + status = dbwrap_fetch_int32_bystring(db, FSS_DB_KEY_VERSION, + &vers); + if (!NT_STATUS_IS_OK(status)) { + DEBUG(0, ("failed to fetch version from fss state tdb: %s\n", + nt_errstr(status))); + goto err_db_free; + } else if (vers != FSRVP_STATE_DB_VERSION) { + DEBUG(0, ("Unsupported fss tdb version %d, expected %d\n", + vers, FSRVP_STATE_DB_VERSION)); + status = NT_STATUS_UNSUCCESSFUL; + goto err_db_free; + } + + status = dbwrap_traverse_read(db, + fss_state_retrieve_traverse, + &trv_state, + &rec_count); + if (!NT_STATUS_IS_OK(status)) { + goto err_db_free; + } + + status = fss_state_hierarchize(&trv_state, sc_sets, sc_sets_count); + if (!NT_STATUS_IS_OK(status)) { + DEBUG(0, ("Failed to form fss state hierarchy\n")); + goto err_db_free; + } + + /* check whether anything was left without a parent */ + if (trv_state.sc_sets_count != 0) { + DEBUG(0, ("%d shadow copy set orphans in %s tdb\n", + trv_state.sc_sets_count, db_path)); + status = NT_STATUS_UNSUCCESSFUL; + goto err_db_free; + } + if (trv_state.scs_count != 0) { + DEBUG(0, ("%d shadow copy orphans in %s tdb\n", + trv_state.scs_count, db_path)); + status = NT_STATUS_UNSUCCESSFUL; + goto err_db_free; + } + if (trv_state.smaps_count != 0) { + DEBUG(0, ("%d share map orphans in %s tdb\n", + trv_state.smaps_count, db_path)); + status = NT_STATUS_UNSUCCESSFUL; + goto err_db_free; + } + talloc_free(db); + + return NT_STATUS_OK; + +err_db_free: + talloc_free(db); +err_ts_free: + talloc_free(trv_state.mem_ctx); +err_out: + return status; +} |